Filter
Top Products
176 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
VALUE equal to InstallDirectory.
NO_KEY_RULE equal to FAIL.
NO_VALUE_RULE equal to FAIL.
Since you do not care about the actual value, but only of its existence, the
VALUE_DATA_RULES must be set to:
*;PASS
If any of the three checks fail you want to have the same remediation
workflow kicked off, so specify the same value for all three workflow
parameters, for example, TCRZLSoftwareInstalled.
This example will pass only if the value InstallDirectory under key
HKEY_LOCAL_MACHINE\SOFTWARE\Zone Labs\ZoneAlarm is set. If it is not
set, the TCRZLSoftwareInstalled workflow will be set for remediation with
different parameters depending on which part of the check was missing.
Checking for Windows XP firewall forced off
In order to check whether the Windows XP Firewall is not forced off the registry
key
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\Sta
ndardProfile must have the value EnableFirewall set to something else then 0 or
not set at all. To conduct this check you must provide the following parameters:
KEY equal to
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\
StandardProfile.
VALUE equal to EnableFirewall.
NO_KEY_RULE equal to PASS.
NO_VALUE_RULE equal to PASS.
VALUE_DATA_RULES need to be set to = 0;FAIL.
DEFAULT_RULE equal to PASS.
Since you need the remediation only in case the value exists and is set to 0
you must specify only one workflow parameter VALUE_DATA_WF to, for
example, TCRFirewallForcedOff.